A comparative review of ISMS implementation based on ISO 27000 Series in organizations of different business sectors
Organizations have different takes on Information Security Management Systems (ISMS) since security measurements vary according to their business relevance. One way to assure ISMS is being well-implemented is by having a standard compliance such as the ISO 27000 series. The ISO 27000 series is a...
| Main Authors: | Hamdi, Zaidatulnajla; Norman, Azah Anir; Abdul Molok, Nurul Nuha; Hassandoust, Farkhondeh |
|---|---|
| Format: | Proceeding Paper |
| Language: | English |
| Published: | IOP Publishing 2019 |
| Subjects: | T10.5 Communication of technical information |
| Online Access: | http://irep.iium.edu.my/79737/ http://irep.iium.edu.my/79737/1/79737%20A%20Comparative%20Review%20of%20ISMS%20Implementation%20Based%20on%20ISO.pdf http://irep.iium.edu.my/79737/2/79737%20A%20Comparative%20Review%20of%20ISMS%20Implementation%20Based%20on%20ISO%20SCOPUS.pdf |
| _version_ | 1848788829299802112 |
|---|---|
| author | Hamdi, Zaidatulnajla; Norman, Azah Anir; Abdul Molok, Nurul Nuha; Hassandoust, Farkhondeh |
| author_sort | Hamdi, Zaidatulnajla |
| building | IIUM Repository |
| collection | Online Access |
| description | Organizations have different takes on Information Security Management Systems (ISMS) since security measurements vary according to their business relevance. One way to assure ISMS is being well-implemented is by having a standard compliance such as the ISO 27000 series. The ISO 27000 series is a family of standards that provides a framework for best practice ISMS that helps organizations keep their information assets secure. This paper intends to seek how organizations in different business sectors implement ISMS in their practices. By identifying which organization attains a higher number of ISO requirements, it is anticipated that the characteristics that increase the chances of an organization being certified can be distinguished. This paper reviews case studies regarding the ISMS implementation based on ISO 27000 series between organizations in different business sectors. The result of this paper presents the state of ISO compliance of the organizations. The findings also discussed the characteristics of organizations that are applicable for certification. Through the findings, it is found that the organization, which fulfilled the highest number of ISO requirement, has a stronger possibility of being certified. However, ISO standards should be more dynamic to support diverse business environment thus avoiding generalization to get compliance. |
| first_indexed | 2025-11-14T17:47:02Z |
| format | Proceeding Paper |
| id | iium-79737 |
| institution | International Islamic University Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-14T17:47:02Z |
| publishDate | 2019 |
| publisher | IOP Publishing |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | iium-79737 2020-03-23T03:53:59Z http://irep.iium.edu.my/79737/ IOP Publishing 2019-12-16 Proceeding Paper PeerReviewed Hamdi, Zaidatulnajla and Norman, Azah Anir and Abdul Molok, Nurul Nuha and Hassandoust, Farkhondeh (2019) A comparative review of ISMS implementation based on ISO 27000 Series in organizations of different business sectors. In: International Conference Computer Science and Engineering (IC2SE), 26th–27th April 2019, Padang, Indonesia. https://iopscience.iop.org/article/10.1088/1742-6596/1339/1/012103/pdf 10.1088/1742-6596/1339/1/012103 |
| title | A comparative review of ISMS implementation based on ISO 27000 Series in organizations of different business sectors |
| topic | T10.5 Communication of technical information |